Results 1 to 7 of 7

Thread: 450 Client host rejected: cannot find your hostname

  1. #1
    ljramos is offline Active Member
    Join Date
    Aug 2007
    Location
    Delaware USA
    Posts
    39
    Rep Power
    8

    Default 450 Client host rejected: cannot find your hostname

    Can someone explain me this?

    [root@dedicated ~]# dig -t mx cntit.com

    ; <<>> DiG 9.3.1 <<>> -t mx cntit.com
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23617
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;cntit.com. IN MX

    ;; ANSWER SECTION:
    cntit.com. 3600 IN MX 10 dedicated.cntit.com.

    ;; AUTHORITY SECTION:
    cntit.com. 3600 IN NS ns5.secureserver.net.
    cntit.com. 3600 IN NS ns6.secureserver.net.

    ;; ADDITIONAL SECTION:
    dedicated.cntit.com. 3600 IN A 207.234.224.95

    ;; Query time: 68 msec
    ;; SERVER: 208.109.78.180#53(208.109.78.180)
    ;; WHEN: Wed Aug 15 13:41:27 2007
    ;; MSG SIZE rcvd: 121
    ------------
    [root@dedicated ~]# dig -t any cntit.com

    ; <<>> DiG 9.3.1 <<>> -t any cntit.com
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27115
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;cntit.com. IN ANY

    ;; ANSWER SECTION:
    cntit.com. 86400 IN SOA NS5.SECURESERVER.NET. dns.jomax.net. 2007073000 28800 7200 604800 86400
    cntit.com. 3600 IN A 207.234.224.95
    cntit.com. 3600 IN MX 10 dedicated.cntit.com.
    cntit.com. 3600 IN NS ns5.secureserver.net.
    cntit.com. 3600 IN NS ns6.secureserver.net.
    cntit.com. 3600 IN TXT "v=spf1 a:dedicated.cntit.com ~all"

    ;; ADDITIONAL SECTION:
    dedicated.cntit.com. 3600 IN A 207.234.224.95

    ;; Query time: 68 msec
    ;; SERVER: 208.109.78.180#53(208.109.78.180)
    ;; WHEN: Wed Aug 15 13:41:51 2007
    ;; MSG SIZE rcvd: 249
    ----snip----

    [root@dedicated ~]# su - zimbra -c 'zmlocalconfig' | grep host
    ldap_host = dedicated.cntit.com
    logger_mysql_bind_address = localhost
    mysql_bind_address = localhost
    snmp_trap_host = dedicated.cntit.com
    zimbra_server_hostname = dedicated.cntit.com
    zimbra_zmprov_default_soap_server = localhost
    ------snip----

    [root@dedicated ~]# cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    207.234.224.95 dedicated.cntit.com dedicated
    -----snip----
    [root@dedicated ~]# cat /etc/resolv.conf
    nameserver 208.109.78.180
    nameserver 216.219.239.7
    nameserver 216.219.239.8
    nameserver 208.109.80.75
    ----snip----

    Yesterday all fine
    Today morning all fine
    Now 12:00 pm EST
    Now email comes in no email comes out.

    Internal emails are flowing normal.


    Do I have something wrong?
    An I doing something wrong?

    I have check every where here and wiki

    I have disable DNS lookup

    Who is rejecting, (450) my zimbra server or the destination/sender server?

  2. #2
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    how about enable dns lookups? (recheck that box in the global settings>mta tab)

    450-is a soft reject usually releated to PTR in-addr.arpa (reverse DNS) records
    -from the other side might mean they are trying to run SMTP VRFY...
    -from your side turn off reject_unknown_client & hostname (uncheck those boxes in the global settings>mta tab)
    Last edited by mmorse; 08-27-2007 at 11:27 AM. Reason: global settings>mta tab

  3. #3
    ljramos is offline Active Member
    Join Date
    Aug 2007
    Location
    Delaware USA
    Posts
    39
    Rep Power
    8

    Default Done still same issue

    This is a test email sent from dnsstuff.com
    ---snip---
    Aug 15 15:32:07 dedicated postfix/smtpd[11522]: NOQUEUE: reject: RCPT from unknown[74.53.59.133]: 450 Client host rejected: cannot find your hostname, [74.53.59.133]; from= to= proto=SMTP helo=
    ---snip---

    I have called my ISP to fix the PTR netry to reflect the FQDN? HOw long will it take to reflect the RDNS correctly?

  4. #4
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Well as long as it takes to propagate to the servers that the other end are checking against...
    However, PTR records are not 100% required, so I find it odd that all of a sudden everyone your emailing is doing reverse dns checks against you.

    (You never said if you checked the enabled dns lookups box & unchecked reject_unknown_client.)

    What's your output of 'dig dedicated.cntit.com' or 'dig any dedicated.cntit.com' etc?
    Last edited by mmorse; 08-25-2007 at 11:11 AM.

  5. #5
    ljramos is offline Active Member
    Join Date
    Aug 2007
    Location
    Delaware USA
    Posts
    39
    Rep Power
    8

    Default

    mmorse ....
    Well it is the other way around. Most of the incoming emails are being flag 450 due to RDNS failure.
    for example
    EHLO is
    but the RDNS is reject: RCPT from relay1-bna.webmd.com[204.250.122.30]

    Is there something I can do to minimize this legitimate email to be flag as 450

  6. #6
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Cleaning out my unreplied folder...
    Ok so you fixed the outgoing issue? How about your incoming issue?

    Outgoing-In the first post you said:
    Quote Originally Posted by ljramos
    email comes in no email comes out.
    Enable DNS lookups. (And fix your own PTR entry; not always needed but it cuts down as being called a spammer.)

    Incoming-Then it changed to:
    Quote Originally Posted by ljramos
    reject: RCPT from unknown[74.53.59.133]: 450 Client host rejected: cannot find your hostname, [74.53.59.133]
    &
    Quote Originally Posted by ljramos
    Most of the incoming emails are being flag 450 due to RDNS failure.
    Turn off reject_unknown_client; which rejects the request when the client IP address has no PTR (address to name), or when the PTR record does not have a matching A record (name to address).
    Turn off reject_unknown_hostname; which rejects the request when the hostname in the client HELO (EHLO) command has no DNS A or MX record.
    Last edited by mmorse; 08-27-2007 at 11:31 AM. Reason: so which is your current issue? (incomming or outgoing?)

  7. #7
    randall is offline Advanced Member
    Join Date
    Jun 2007
    Location
    Philippines
    Posts
    193
    Rep Power
    8

    Default

    Is there something I can do to minimize this legitimate email to be flag as 450
    Reply With Quote
    mmorse is correct. You have to turn off that reject_unknow_client and reject_unknow_hostname.

    There are alot of MX server there that is not properly configured for this and they get rejected if you have those flags on.

    The reject_non_fqdn_hostname and reject_non_fqdn_sender will do, I believe.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra Installation Problems (RHEL AS v4)
    By stillwell in forum Installation
    Replies: 15
    Last Post: 06-28-2007, 07:58 PM
  2. Trying to install Zimbra Network Edition on REH 4.4
    By intekular in forum Installation
    Replies: 4
    Last Post: 12-18-2006, 09:51 PM
  3. Installation Cancelled - Zimbra-spell !
    By Ledg in forum Installation
    Replies: 4
    Last Post: 10-19-2006, 02:54 AM
  4. Installation Failed
    By freit5 in forum Installation
    Replies: 2
    Last Post: 08-17-2006, 11:38 PM
  5. Unknown Host ?
    By msentissi in forum Administrators
    Replies: 5
    Last Post: 03-18-2006, 03:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •